Exploitdb Exploits

31,344 exploits tracked across all sources.

CVE-2010-4999 EXPLOITDB text VERIFIED
esoftpro Online Photo Pro 2.0 - SQL Injection
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
by L0rd CrusAd3r
CVE-2010-4996 EXPLOITDB text
Esoftpro Online Guestbook Pro 5.1 - SQL Injection
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
by L0rd CrusAd3r
CVE-2010-5001 EXPLOITDB text
Esoftpro Online Contact Manager 3.0 - SQL Injection
SQL injection vulnerability in view.php in esoftpro Online Contact Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by L0rd CrusAd3r
EIP-2026-112511 EXPLOITDB text
SweetRice < 0.6.4 - 'FCKeditor' Arbitrary File Upload
by ITSecTeam
CVE-2010-4975 EXPLOITDB text
Joomla! - SQL Injection
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php.
by Sid3^effects
CVE-2010-4993 EXPLOITDB text
Joomla! com_eventcal <1.6.4 - SQL Injection
SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
by RoAd_KiLlEr
EIP-2026-108536 EXPLOITDB text VERIFIED
Joomla! Component com_seyret - Local File Inclusion
by Cooler_ unix
EIP-2026-107962 EXPLOITDB text VERIFIED
iScripts MultiCart 2.2 - Multiple SQL Injections
by Salvatore Fresta
EIP-2026-107312 EXPLOITDB text VERIFIED
FuseTalk 3.2/4.0 - Multiple Cross-Site Scripting Vulnerabilities
by Juan Manuel Garcia
CVE-2010-4988 EXPLOITDB text
Family Connections Who is Chatting <2.2.3 - RCE
PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connections Who is Chatting 2.2.3 allows remote attackers to execute arbitrary PHP code via a URL in the TMPL[path] parameter.
by lumut--
CVE-2012-6083 EXPLOITDB HIGH text VERIFIED
Freeciv < 2.3.3 - Denial of Service
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
by Luigi Auriemma
CVSS 7.5
CVE-2010-4989 EXPLOITDB text
Ziggurat Farsi CMS - SQL Injection
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
by Arash Saadatfar
CVE-2010-2731 EXPLOITDB text VERIFIED
Microsoft IIS 5.1 - Auth Bypass
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
by Soroush Dalili
EIP-2026-111393 EXPLOITDB text
Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-108535 EXPLOITDB text
Joomla! Component com_seyret - Blind SQL Injection
by RoAd_KiLlEr
EIP-2026-107957 EXPLOITDB text VERIFIED
iScripts EasyBiller - Cross-Site Scripting
by Sangteamtham
CVE-2010-4983 EXPLOITDB text VERIFIED
iScripts CyberMatch 1.0 - SQL Injection
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
by Salvatore Fresta
EIP-2026-107947 EXPLOITDB text
Iphone Pointter Social Network - Local File Inclusion
by Sid3^effects
EIP-2026-105486 EXPLOITDB text VERIFIED
Bit Weaver 2.7 - Local File Inclusion
by John Leitch
EIP-2026-104510 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (2)
by Marcos Garcia & Maximiliano Soler
EIP-2026-103343 EXPLOITDB text VERIFIED
Xplico 0.5.7 - 'add.ctp' Cross-Site Scripting (1)
by Marcos Garcia & Maximiliano Soler
EIP-2026-100597 EXPLOITDB text VERIFIED
VGM Forbin - 'article.asp' SQL Injection
by Th3 RDX
EIP-2026-100441 EXPLOITDB text VERIFIED
MooreAdvice - 'productlist.asp' SQL Injection
by Th3 RDX
CVE-2010-2549 EXPLOITDB text VERIFIED
Microsoft Windows Server 2008 - Resource Management Error
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
by MSRC
EIP-2026-113426 EXPLOITDB text VERIFIED
Wiki Web Help 0.2.7 - Cross-Site Scripting / HTML Injection
by John Leitch